Wal-Mart defends security tactics

Tribune news servicesCHICAGO TRIBUNE

Wal-Mart Stores Inc., the world's largest retailer, has defended its security measures and said it has made changes to its operations after the company fired two people for improperly taping phone calls.

The company declined to comment Wednesday on specific allegations made by former security technician Bruce Gabbard to the Wall Street Journal in a Tuesday story that said the company monitored employees, critics, stockholders and the consulting firm McKinsey & Co.

On March 5, Wal-Mart said it fired two workers for intercepting text messages and improperly recording phone calls with a New York Times reporter. The company, which reported its findings of an internal probe of the monitoring to the U.S. attorney's office in January, said it needs to monitor threats to the company, its workers and its intellectual property.

"This group is no longer operating in the same manner that it did prior to the discovery of the unauthorized technician," spokeswoman Sarah Clark said Wednesday. "There have been changes in leadership, and we have strengthened our practices and protocols in this area."

Investigating critics and consultants would be "crossing the line" and not typical of large corporations, said Bruce Schneier, founder and chief technology officer of BT Counterpane, a security consulting firm based in Mountain View, Calif.

It is common for companies to monitor their workers' e-mail, phone calls and Internet use, Schneier said.

Larry Ponemon, founder of the Ponemon Institute, a research foundation that focuses on privacy and data-protection practices of companies, agreed with Schneier, but said monitoring vendors and consultants is "beyond the realm of what legitimate companies do."

Wal-Mart "seems like an organization that has a culture that doesn't trust its employees, and it certainly doesn't trust its vendors or consultants," said Ponemon.

Gabbard told the Journal that a unit called the Threat Research and Analysis Group used advanced technology from a Defense Department supplier to detect and record actions by anyone connected to the company's global computer network.

Wal-Mart has disconnected some systems after an internal investigation into the group's activities, the Journal said, citing an unidentified executive in the security information industry.

Wal-Mart made the case public last month and denied Gabbard's claims that his actions were the result of pressure from Kenneth Senser, a former senior CIA and FBI official who has headed Wal-Mart's office of global security since 2003.

Gabbard and his former supervisor, Jason Hamilton, who also was fired, have declined repeated requests from The Associated Press to talk about their security activities.

But in a text message Wednesday, Gabbard confirmed the allegations that he was part of a broader surveillance operation approved by the company.

Wal-Mart's union-backed critics, whom Gabbard identified as among the surveillance targets, accused the retailer of being "paranoid, childish and desperate."

"They should stop playing with spy toys and take the criticism of their business model seriously. The success of the company depends on it," said Nu Wexler, spokesman for Wal-Mart Watch.

Ponemon said most of the surveillance tactics allegedly approved by Wal-Mart appear to be legal, including the dispatch of a spy to an anti-Wal-Mart gathering that was a public meeting.

Gabbard told the Journal he recorded the calls to the New York Times reporter on his own, but he added that many of his activities were approved by Wal-Mart.

Clark said she could not comment on Gabbard's claim of blanket approval because "that's a pretty broad statement. We wouldn't be able to comment on that without knowing the details he's referring to."

Clark declined to comment on specific allegations. But when asked about McKinsey, she said, "We continue to work closely with McKinsey, and we have no evidence that anyone there ever inappropriately shared confidential information."